TheHackerNews

SysAid Flaws Under Active Attack Enable Remote File Access and SSRF

Jul 23, 2025Ravie LakshmananVulnerability / Software Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added two security flaws impacting SysAid IT support software to…

July 23, 2025 Cybernoz 2 min read

TheHackerNews

Google Launches OSS Rebuild to Expose Malicious Code in Widely Used Open-Source Packages

Jul 23, 2025Ravie LakshmananSoftware Integrity / DevSecOps Google has announced the launch of a new initiative called OSS Rebuild to bolster the security of the…

July 23, 2025 Cybernoz 2 min read

TheHackerNews

CISA Orders Urgent Patching After Chinese Hackers Exploit SharePoint Flaws in Live Attacks

Jul 23, 2025Ravie LakshmananVulnerability / Threat Intelligence The U.S. Cybersecurity and Infrastructure Security Agency (CISA), on July 22, 2025, added two Microsoft SharePoint flaws, CVE-2025-49704…

July 23, 2025 Cybernoz 2 min read

TheHackerNews

Microsoft Links Ongoing SharePoint Exploits to Three Chinese Hacker Groups

Jul 22, 2025Ravie LakshmananVulnerability / Threat Intelligence Microsoft has formally tied the exploitation of security flaws in internet-facing SharePoint Server instances to two Chinese hacking…

July 22, 2025 Cybernoz 3 min read

TheHackerNews

Credential Theft and Remote Access Surge as AllaKore, PureRAT, and Hijack Loader Proliferate

Mexican organizations are still being targeted by threat actors to deliver a modified version of AllaKore RAT and SystemBC as part of a long-running campaign.…

July 22, 2025 Cybernoz 4 min read

TheHackerNews

Cisco Confirms Active Exploits Targeting ISE Flaws Enabling Unauthenticated Root Access

Jul 22, 2025Ravie LakshmananNetwork Security / Vulnerability Cisco on Monday updated its advisory of a set of recently disclosed security flaws in Identity Services Engine…

July 22, 2025 Cybernoz 2 min read

TheHackerNews

How to Advance from SOC Manager to CISO?

Making the move from managing a security operations center (SOC) to being a chief information security officer (CISO) is a significant career leap. Not only…

July 22, 2025 Cybernoz 7 min read

TheHackerNews

Hackers Exploit SharePoint Zero-Day Since July 7 to Steal Keys, Maintain Persistent Access

The recently disclosed critical Microsoft SharePoint vulnerability has been under exploitation as early as July 7, 2025, according to findings from Check Point Research. The…

July 22, 2025 Cybernoz 5 min read

TheHackerNews

China-Linked Hackers Launch Targeted Espionage Campaign on African IT Infrastructure

Jul 21, 2025Ravie LakshmananBrowser Security / Malware The China-linked cyber espionage group tracked as APT41 has been attributed to a new campaign targeting government IT…

July 21, 2025 Cybernoz 4 min read

TheHackerNews

Iran-Linked DCHSpy Android Malware Masquerades as VPN Apps to Spy on Dissidents

Jul 21, 2025Ravie LakshmananSpyware / Mobile Security Cybersecurity researchers have unearthed new Android spyware artifacts that are likely affiliated with the Iranian Ministry of Intelligence…

July 21, 2025 Cybernoz 2 min read

TheHackerNews

Assessing the Role of AI in Zero Trust

By 2025, Zero Trust has evolved from a conceptual framework into an essential pillar of modern security. No longer merely theoretical, it’s now a requirement…

July 21, 2025 Cybernoz 5 min read

TheHackerNews

PoisonSeed Hackers Bypass FIDO Keys Using QR Phishing and Cross-Device Sign-In Abuse

Jul 21, 2025Ravie LakshmananThreat Intelligence / Authentication Cybersecurity researchers have disclosed a novel attack technique that allows threat actors to bypass Fast IDentity Online (FIDO)…

July 21, 2025 Cybernoz 4 min read